Gitiles
Code Review Sign In
gerrit.mcp.mirantis.com / salt-models / reclass-system / aa7d9af4d709fea2703f1a697274614b188411d5 / . / keycloak / server / realm / drivetrain.yml
blob: 054b92f888ab463e8bbcb3902f5f50cbc0f1be8b [file] [log] [blame]
Adam Tengler306a1882018-10-23 18:23:41 +0000[diff] [blame]1parameters:
2 _param:
3 keycloak_drivetrain_users_dn: ou=people,dc=cicd,dc=local
4 keycloak_drivetrain_bind_dn: cn=admin,dc=cicd,dc=local
5 keycloak_drivetrain_connection_url: ldap://${_param:single_address}:1389
6 keycloak_drivetrain_provider_display_name: drivetrain-ldap
7 keycloak:
8 server:
9 realm:
10 drivetrain-realm:
11 enabled: true
12 client:
13 operations-api:
14 enabled: true
15 base_url: /operations-api-portal
16 redirect_uris:
Pavel Cizinskyaa7d9af2018-10-26 18:29:54 +0200[diff] [blame^]17 - "/operations-api/*"
Adam Tengler306a1882018-10-23 18:23:41 +0000[diff] [blame]18 admin_url: /operations-api-portal
19 direct_access_grants_enabled: true
20 secret: ${_param:keycloak_operations_api_client_secret}
21 protocol_mapper:
22 oidc-usermodel-property-mapper:
23 username:
24 name: username
25 user_attribute: username
26 claim_name: preferred_username
27 given_name:
28 name: given name
29 user_attribute: firstName
30 claim_name: given_name
31 family_name:
32 name: family name
33 user_attribute: lastName
34 claim_name: family_name
35 email:
36 name: email
37 user_attribute: email
38 claim_name: email
39 oidc-full-name-mapper:
40 full_name:
41 name: full_name
Pavel Cizinskyaa7d9af2018-10-26 18:29:54 +0200[diff] [blame^]42 operations-ui:
43 enabled: true
44 base_url: /
45 web_origins:
46 - "*"
47 redirect_uris:
48 - "*"
49 public_client: true
50 admin_url: /
51 direct_access_grants_enabled: true
52 secret: '*****'
53 protocol_mapper:
54 oidc-usermodel-property-mapper:
55 username:
56 name: username
57 user_attribute: username
58 claim_name: preferred_username
59 given_name:
60 name: given name
61 user_attribute: firstName
62 claim_name: given_name
63 family_name:
64 name: family name
65 user_attribute: lastName
66 claim_name: family_name
67 email:
68 name: email
69 user_attribute: email
70 claim_name: email
71 oidc-full-name-mapper:
72 full_name:
73 name: full_name
Adam Tengler306a1882018-10-23 18:23:41 +0000[diff] [blame]74 federation_provider:
75 ldap:
76 display_name: ${_param:keycloak_drivetrain_provider_display_name}
77 users_dn: ${_param:keycloak_drivetrain_users_dn}
78 bind_dn: ${_param:keycloak_drivetrain_bind_dn}
79 bind_credential: ${_param:keycloak_drivetrain_bind_credential}
80 connection_url: ${_param:keycloak_drivetrain_connection_url}
81 federation_mapper:
82 user-attribute-ldap-mapper:
83 username:
84 name: username
85 provider_display_name: ${_param:keycloak_drivetrain_provider_display_name}
86 ldap_attribute: uid
87 model_attribute: username
88 first_name:
89 name: first name
90 provider_display_name: ${_param:keycloak_drivetrain_provider_display_name}
91 ldap_attribute: givenName
92 model_attribute: firstName
93 last_name:
94 name: last name
95 provider_display_name: ${_param:keycloak_drivetrain_provider_display_name}
96 ldap_attribute: sn
97 model_attribute: lastName
98 email:
99 name: email
100 provider_display_name: ${_param:keycloak_drivetrain_provider_display_name}
101 ldap_attribute: mail
102 model_attribute: email
103 mandatory: false
104 role-ldap-mapper:
105 realm_roles:
106 name: realm roles
107 provider_display_name: ${_param:keycloak_drivetrain_provider_display_name}
108 roles_dn: ou=groups,dc=cicd,dc=local